As part of the vx-underground x @SentinelOne Malware Research Challenge, DLL_Cool_J released a paper on state sponsored Threat Actors targeting security researchers by weaponizing tools such as Ghidra.

This paper also provides historical examples.

https://www.sentinelone.com/blog/analyzing-attack-opportunities-against-information-security-practitioners/

We spoke with an AI and Machine Learning scientist. His work includes novel cancer detection methods using machine learning and scalable finite difference methods for reinforcement learning.

AI is a hot topic. We'll be discussing AI in regards to cyber weaponry with him.

Behind the scenes at vx-underground (ignore the cat).

NoBit ransomware group states they encrypt data in SHA 😭😭😭

NoBit contacted us regarding this message. They state we have misunderstood their post.

How do you pronounce "CVE"?

1. C. V. E.

2. Svye

3. KaVooEe

Today ALPHV ransomware group gave us their autograph.

The administrators English penmanship is better than we expected

People have been discussing the "death" of infosec Twitter. They have defined it's decline based on the number of KaVooEe's discussed each month.

Infosec is more than just KaVooEe's.

Telegram is the only platform that vx-underground utilizes that can generate a 250% increase of web traffic and post engagement if we share images of cats.

We've updated the vx-underground malware source code collection on GitHub

- Javascript.Kaoom.Unknown
- Panel.BlackHole.IonCube.a
- Win32.GreenDamCensor.Exploit.a
- Win32.Bootkit.BlackLotus.b

https://github.com/vxunderground/MalwareSourceCode

Group-IB’s co-founder, Ilya Sachkov, has been convicted of treason and sentenced to 14 years in prison by a Moscow court.

More information:
https://www.group-ib.com/media-center/press-releases/statement-on-the-conviction-of-ilya-sachkov/

A money mule cashing out for a Threat Actor (2023, colorized)

Today David Grusch, an individual who served 14 years with the United States Air Force and National Geospatial Intelligence Agency, testified under oath that the United States government possesses 'Unidentified Anomalous Phenomena' and has been reverse engineering it for decades

More info: https://www.cbsnews.com/news/ufo-hearing-congress-uap-takeaways-whistleblower-conference-david-grusch-2023/

Today haveibeenpwned announced they have acquired the Breached Forum database. An individual using the alias "breached_db" compromised Breached in November, 2022. This was when Pompompurin was the administrator.

This database leak exposes PII on 212,000 users.

cl0p ransomware group has compromised 3 of the largest Cyber Threat Intelligence agencies on the planet.

They have extorted schools, healthcare facilities, and multimillion dollar organizations.

With Web Environment Integrity in Chromium (Chrome, Opera, Edge) it'll allow websites to determine whether a visitor is a human or a robot based off of hardware fingerprinting.

It is designed to enhance ad delivery capabilities.

https://twitter.com/nearcyan/status/1684242509847822336

The sample is available on the vx-underground website. It is located under /Tmp/

Hash: CB000ABED31B92B4F3F895A633EF0FFAF01A1BE0DFC73619ACF98C1605A5999D